Originally posted by Wolf Knight:

your account is compromised
DO NOT TRADE


Steps to take NOW:
1. Scan for malware https://www.malwarebytes.com/
2. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
3. Change passwords from a clean computer
4. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
5. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)

after you secure the account, figure out now you gave away the log in

Originally posted by 지드래곤:

Originally posted by Wolf Knight:

your account is compromised
DO NOT TRADE


Steps to take NOW:
1. Scan for malware https://www.malwarebytes.com/
2. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
3. Change passwords from a clean computer
4. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
5. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)

after you secure the account, figure out now you gave away the log in

Thank you, I followed your steps and did all of it. Though, I'm still not sure how they got onto my account as I can't find any malware or spyware lurking on my computer, and let alone why I wasn't notified about a login from steam. Hopefully, at least whatever it was is now solved and cleaned from my PC or whoever was on my account is now off of it.

Originally posted by J4MESOX4D:

Originally posted by 지드래곤:

Thank you, I followed your steps and did all of it. Though, I'm still not sure how they got onto my account as I can't find any malware or spyware lurking on my computer, and let alone why I wasn't notified about a login from steam. Hopefully, at least whatever it was is now solved and cleaned from my PC or whoever was on my account is now off of it.

Have you logged into any 3rd party sites? The easiest way users become compromised like this is when they give away their credentials to a phishing page where these are then captured and login-botted into a real client. The victim is then hijacked and they wont even know it. You will also not be informed of an external login because the correct credentials were entered.

Originally posted by 지드래곤:

Originally posted by J4MESOX4D:

Have you logged into any 3rd party sites? The easiest way users become compromised like this is when they give away their credentials to a phishing page where these are then captured and login-botted into a real client. The victim is then hijacked and they wont even know it. You will also not be informed of an external login because the correct credentials were entered.

That would probably be the highest probability, as I log onto CS:GO Marketplaces often such as cs.money and more to check prices of skins. I must've logged onto a suspicious site without warning a while back. Thanks for the input, I wouldn't have came to this solution if I'm being honest.

Originally posted by 지드래곤:

Originally posted by J4MESOX4D:

Have you logged into any 3rd party sites? The easiest way users become compromised like this is when they give away their credentials to a phishing page where these are then captured and login-botted into a real client. The victim is then hijacked and they wont even know it. You will also not be informed of an external login because the correct credentials were entered.

That would probably be the highest probability, as I log onto CS:GO Marketplaces often such as cs.money and more to check prices of skins. I must've logged onto a suspicious site without warning a while back. Thanks for the input, I wouldn't have came to this solution if I'm being honest.

Originally posted by J4MESOX4D:

Originally posted by 지드래곤:

That would probably be the highest probability, as I log onto CS:GO Marketplaces often such as cs.money and more to check prices of skins. I must've logged onto a suspicious site without warning a while back. Thanks for the input, I wouldn't have came to this solution if I'm being honest.

Those are the main culprits usually and that 'money' site is also embroiled in phishing so I would avoid that in future.

The fact less that $5 was lost shows the scammers were amateurs because most sites will only act on an account they've compromised if they payoff is significant. Some will only intercept trades that have a 3-figure value and others wont launder through the market unless it's over $20. They know once they've acted, their cover is blown so to swipe only $4.49 minus fees is pretty lame and desperate.

Doing the steps has made your account completely secure going forward but the next time you give away your credentials to one of these sites then you'll end up getting shadow-hijacked again and you wont know until it's too late. Next time it could be for a much more significant sum.

Originally posted by Nyamelon:

Originally posted by 지드래곤:

That would probably be the highest probability, as I log onto CS:GO Marketplaces often such as cs.money and more to check prices of skins. I must've logged onto a suspicious site without warning a while back. Thanks for the input, I wouldn't have came to this solution if I'm being honest.

CS:GO sites and such are a major part of compromised accounts now a days. Don't go to any site to "vote" for some random team. Don't login with steam on any of the sites honestly. It's good you learn with minimal loss because it could have been worse. I personally don't store any money or payment information on steam as an added protection. Steam is pretty helpful in taking care of these problems when they happen luckily.:perpell:

Just be sure to be cautious, the world is sadly full of potential scams and such waiting to catch people off guard for just a small amount of time.:sarah:

Lets be honest every one gets scammed or some thing at some point steam related or not, then we learn from it.:CyberdimensionCompa:

Originally posted by tren?:

I'm gonna type a whole lot to explain the entire situation.

I woke up this morning and logged on steam, I originally had about like 5 bucks on my funds but it was 49 cents when I checked today. I didn't recall buying anything at all, so I checked my purchase history and it said I had bought some DOTA thing off the marketplace for $4.49 when it's actually only worth about 5 cents. I checked my email and it said the purchase took place Monday, September 8th at 8:11 AM.

Before anybody says I probably bought it and forgot or smth, I literally don't even have DOTA in my library and wouldn't stupidly pay 5 bucks for something that's worth 5 cents. Thing is, it doesn't seem like whoever bought it logged on at all? I set up 2FA and Mobile Steam, so I would for sure get notified if someone were to try and access my account, but I don't have any notifications about them.

I don't know if anyone else has had t his happen to them, as I can't find any discussions or solutions to this problem, let alone a cause. Is this some new scam going around or something? Is it possible to be refunded for this? The account I bought off seems to also be a CS:GO Exploiter with no VAAC ban, at least according to the profile comments.

I reset my steam account password in case somebody were to be in my account, but I'm still suspicious if maybe that wasn't enough. A note to add is that it doesn't seem like whoever was on my account didn't sell anything very important on my account, only some scrap skin on CS:GO that's worth a couple cents. Hopefully, I don't wake up the next morning with my knife gone.

I've also been getting lots of scams who hit me up for my knife, but I don't click on any links they send or anything and just ignore them. Either way, the person I bought off wasn't anyone who messaged me either.

Sorry for typing a ♥♥♥♥♥♥♥♥ essay, but I'm genuinely confused and concerned for the safety of my account. If somebody could help me out with this, I would be greatly in your debt.

Originally posted by adidass:

Originally posted by tren?:

I'm gonna type a whole lot to explain the entire situation.

I woke up this morning and logged on steam, I originally had about like 5 bucks on my funds but it was 49 cents when I checked today. I didn't recall buying anything at all, so I checked my purchase history and it said I had bought some DOTA thing off the marketplace for $4.49 when it's actually only worth about 5 cents. I checked my email and it said the purchase took place Monday, September 8th at 8:11 AM.

Before anybody says I probably bought it and forgot or smth, I literally don't even have DOTA in my library and wouldn't stupidly pay 5 bucks for something that's worth 5 cents. Thing is, it doesn't seem like whoever bought it logged on at all? I set up 2FA and Mobile Steam, so I would for sure get notified if someone were to try and access my account, but I don't have any notifications about them.

I don't know if anyone else has had t his happen to them, as I can't find any discussions or solutions to this problem, let alone a cause. Is this some new scam going around or something? Is it possible to be refunded for this? The account I bought off seems to also be a CS:GO Exploiter with no VAAC ban, at least according to the profile comments.

I reset my steam account password in case somebody were to be in my account, but I'm still suspicious if maybe that wasn't enough. A note to add is that it doesn't seem like whoever was on my account didn't sell anything very important on my account, only some scrap skin on CS:GO that's worth a couple cents. Hopefully, I don't wake up the next morning with my knife gone.

I've also been getting lots of scams who hit me up for my knife, but I don't click on any links they send or anything and just ignore them. Either way, the person I bought off wasn't anyone who messaged me either.

Sorry for typing a ♥♥♥♥♥♥♥♥ essay, but I'm genuinely confused and concerned for the safety of my account. If somebody could help me out with this, I would be greatly in your debt.

Hey, This same thing happened to me today and i dont know how to get my money back, please help and guide me.

Originally posted by divyoshanuivangargi:

this happned to me today

Originally posted by my name is modefoka:

exactly the same happend right now to me but my pc wasn't even connected to the internet it was offline i don't know how this happend. and my skins were sold while on marketplace hold. if someone knows how to get them back please help. tnx